package com.example.demo.shiro;

import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.util.Set;

import javax.security.auth.login.AccountException;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.SimplePrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;

import com.example.demo.constants.pojo.PermissionInfo;
import com.example.demo.constants.pojo.RoleInfo;
import com.example.demo.constants.pojo.UserInfo;
import com.example.demo.service.IUserService;

import lombok.extern.log4j.Log4j2;

/**
 * 实现AuthorizingRealm接口用户用户认证
 * @author Administrator
 *
 */
@Log4j2
public class ShiroSimpleRealm extends AuthorizingRealm {

	private static final String credentials="";
	
	@Autowired
	IUserService userService;	
	
	/**
	 * 角色权限和对应权限添加
	 * @param principalCollection
	 * @return
	 */
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
		//添加角色和权限
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
        //获取登陆用户
        String userName=(String)principalCollection.getPrimaryPrincipal();
        UserInfo user = userService.QueryUserInfoByUserName(userName);        	    
        for (RoleInfo role: user.getRoles()) {
            //添加角色
            simpleAuthorizationInfo.addRole(role.getRoleName());
            for (PermissionInfo permission:role.getPermissions()) {
                //添加权限
                simpleAuthorizationInfo.addStringPermission(permission.getPermission());
            }
        }
        log.info("获取系统用户授权信息:"+user);
        return simpleAuthorizationInfo;
	}
	
	/**
	 * 用户认证
	 * @param authenticationToken
	 * @return
	 * @throws AuthenticationException
	 */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException{
    	
    	AuthenticationToken token=(AuthenticationToken)authenticationToken;
    	//加这一步的目的是在Post请求的时候会先进认证，然后在到请求
    	if (authenticationToken.getPrincipal() == null) {
            return null;
        }
    	//获取用户信息
        String userName = authenticationToken.getPrincipal().toString();
        UserInfo user = userService.QueryUserInfoByUserName(userName);  
        
        if(user == null) {
        	//throw new AccountException("未获取到相关用户信息");
        	return null;
        }
        
        //证书
        String credential=credentials+user.getPassword().toString();
        
//        SimplePrincipalCollection principals=new SimplePrincipalCollection();      
//        principals.add(user, getName());  

        SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(user.getUserName(), credential, getName());
        
        return simpleAuthenticationInfo; 
        
    }
	
}
